CVE-2026-40353 | wger-project wger up to 2.4 attribution_link license_author cross site scripting

A vulnerability labeled as problematic has been found in wger-project wger up to 2.4. This vulnerability affects the function attribution_link. Such manipulation of the argument license_author leads to cross site scripting.

This vulnerability is referenced as CVE-2026-40353. It is possible to launch the attack remotely. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More